‫ Summary of Symantec Intelligence Report: July 2012

Date: 2012-09-03
July edition of the Symantec Intelligence report provides the latest analysis of cyber security threats, trends and insights from the Symantec Intelligence team concerning malware, spam, and other potentially harmful business risks. The data used to compile the analysis for this report includes data from January through July 2012.
Spam Analysis
In July, the global ratio of spam in email traffic rose by 0.8 percentage point since June, to 67.6 percent (1 in 1.48 emails).
Saudi Arabia overtook Hungary to become the most spammed geography in July, with a spam rate of 79.0 percent.
In the US, 67.7 percent of email was spam and 67.9 percent in Canada. The spam level in the UK was 68.5 percent. In the Netherlands, spam accounted for 70.7 percent of email traffic, 67.8 percent in Germany, 67.7 percent in Denmark and 66.8 percent in Australia. In Hong Kong, 67.0 percent of email was blocked as spam and 66.6 percent in Singapore compared with 64.1 percent in Japan. Spam accounted for 67.8 percent of email traffic in South Africa and 71.6 percent in Brazil.
The Education sector was the most spammed industry sector in July, with a spam rate of 70.3 percent; the spam rate for the Automotive sector was 69.0 percent. The spam rate for the Chemical & Pharmaceutical sector was 67.9 percent, compared with 67.7 percent for IT Services, 67.7 percent for Retail, 68.8 percent for Public Sector and 67.2 percent for Finance.
The spam rate for small to medium-sized businesses (1-250) was 67.8 percent, compared with 68.1 percent for large enterprises (2500+).
Spam Attack Vectors
July highlights the decrease in spam emails resulting in NDRs (spam related non-delivery reports). In these cases, the recipient email addresses are invalid or bounced by their service provider. The proportion of spam that contained a malicious attachment or link increased, with periodic spikes of spam activity during the period, as shown in the chart below.
Phishing Analysis
In July, the global phishing rate decreased by 0.003 percentage points, taking the global average rate to one in 475.3 emails (0.21 percent) that comprised some form of phishing attack.
The Netherlands remained the country most targeted in July, with one in 94.4 emails identified as phishing attacks. South Africa was the second-most targeted country, with one in 171.2 emails identified as phishing attacks.
Phishing levels for the US reached one in 995.5 and one in 244.9 for Canada. In Germany phishing levels were one in 1,091.0, one in 719.6 in Denmark. In Australia, phishing activity accounted for one in 752.1 emails and one in 2,241.4 in Hong Kong; for Japan it was one in 7,448.8 and one in 3,450.6 for Singapore. In Brazil one in 786.2 emails was blocked as phishing.
Analysis of Phishing Web sites
Overall, the number of phishing Web sites decreased by 1.8 percent in July, compared with the previous month. The number of phishing websites created by automated toolkits increased by 12.9 percent, accounting for approximately 63.8 percent of phishing attacks. Phishing attacks related to well-known social networking Web sites and social networking apps accounted for 15.9 percent of phishing attacks.
The number of unique phishing domains decreased by 20.1 percent, and phishing websites with IP addresses in place of fully-qualified domain names in the URL, increased by 49.7 percent.
The use of legitimate Web services for hosting phishing sites accounted for approximately 3.6 percent of phishing Web sites, a decrease of 0.3 percentage points since June. The number of non-English language phishing Web sites increased by 174 percent. The most common languages for non-English phishing sites, included: French, Italian, Portuguese and Spanish.
Tactics of Phishing Distribution
Organizations Spoofed in Phishing Attacks, by Industry
Email-borne Threats
The global ratio of email-borne viruses in email traffic was one in 340.9 emails (0.293 percent) in July, a decrease of 0.023 percentage points since June.
In July, 26.5 percent of email-borne malware contained links to malicious Web sites, 1.5 percentage points higher than June.
Web-based Malware Threats
In July, Symantec Intelligence identified an average of 2,189 Web sites each day harboring malware and other potentially unwanted programs including spyware and adware; an increase of 4.0 percent since June. This reflects the rate at which Web sites are being compromised or created for the purpose of spreading malicious content. Often this number is higher when Web-based malware is in circulation for a longer period of time to widen its potential spread and increase its longevity.
As detection for Web-based malware increases, the number of new Web sites blocked decreases and the proportion of new malware begins to rise, but initially on fewer Web sites. Further analysis reveals that 53.5 percent of all malicious domains blocked were new in July; a decrease of 9.4 percentage points compared with June. Additionally, 12.1 percent of all Web-based malware blocked was new in July; a decrease of 0.9 percentage points since June.
The chart above shows the increase in the number of new spyware and adware Web sites blocked each day on average during July compared with the equivalent number of Web-based malware Web sites blocked each day.
Symantec Intelligence Report: July 2012


بدون نظر
شما برای نظر دادن باید وارد شوید


تاریخ ایجاد: 13 شهریور 1391



امتیاز شما
تعداد امتیازها:0